Apple proposed something a few years ago, when governments were making similar threats, that attempted to strike a middle ground. The idea was that upon uploading an image to iCloud Photos, a on-device scan would be run on that image and an encrypted report generated to be sent up along with the photo. There was differential privacy involved, the report would also sometimes be generated for entirely normal photos, so seeing a report didn’t necessarily indicate anything, and they had set it up such that the server would only be able to decrypt the reports if it had a sufficiently large number of photos that had been actually found to be CSAM by the local scan, so there would have to be many false positives to incorrectly get flagged.

It was incredibly controversial, and they ended up not doing it after all. In my opinion, it’s probably the lightest touch and most responsible way to do something like this, and obviously they always pick the most worthy cause for invading privacy… but I still viscerally dislike the idea that my computer would have code designed to try to get me sent to prison under certain circumstances (not that I’d ever be triggering that code with anything but a false positive of course). Somehow it’s worse than just saying “in the cloud you have no privacy, your photos aren’t encrypted on our servers, and if you upload CSAM we’ll drop a train on you.”

The amount of stuff their LLMs must’ve seen by now.